Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
[solved] route issue on connections over site 2 site vpn
« previous
next »
Print
Pages: [
1
]
Author
Topic: [solved] route issue on connections over site 2 site vpn (Read 3577 times)
greY
Newbie
Posts: 40
Karma: 4
[solved] route issue on connections over site 2 site vpn
«
on:
February 12, 2019, 10:16:40 pm »
Hi
I have users connected over a IPSEC site to site VPN. They cannot access web sites behind haproxy (reverse proxy).
I see passing connections in the firewall logs but nothing in the haproxy logs (only local requests). It seems like a kind of issue with routing from requests coming over IPSEC...
Any ideas how to fix / check this?
«
Last Edit: February 15, 2019, 09:38:43 pm by greY
»
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: route issue on connections over site 2 site vpn
«
Reply #1 on:
February 13, 2019, 05:34:57 am »
Reverse Proxy runs on the same device as IPSec peer?
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
greY
Newbie
Posts: 40
Karma: 4
Re: route issue on connections over site 2 site vpn
«
Reply #2 on:
February 13, 2019, 07:30:16 pm »
Reverse Proxy runs on OPNsense.
The infrastructure looks like this:
site A site B
|OPNsense| |Unifi USG |
| |----IPSEC tunnel-----| |
|HAproxy | | |
|
|
WEB Services
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: route issue on connections over site 2 site vpn
«
Reply #3 on:
February 13, 2019, 07:48:31 pm »
Then you have to add your WAN/32 to IPSec SA
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
greY
Newbie
Posts: 40
Karma: 4
Re: route issue on connections over site 2 site vpn
«
Reply #4 on:
February 13, 2019, 09:07:16 pm »
Thanks, but please could you describe a bit more exactly what to do ?
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: route issue on connections over site 2 site vpn
«
Reply #5 on:
February 14, 2019, 05:55:55 pm »
In Phase2 add local net your WAN adress as network with /32 and remote the other LAN
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
greY
Newbie
Posts: 40
Karma: 4
Re: route issue on connections over site 2 site vpn
«
Reply #6 on:
February 15, 2019, 09:38:09 pm »
The issue was that haproxy was only listening to 127.0.0.1:port, I added the local router IP:port and everything works.
anyways thanks for helping.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
[solved] route issue on connections over site 2 site vpn